EUVD-2015-9280

Malware in sbrugna...

Hacking Gas Pumps via Bluetooth

Turns out pumps at gas stations are controlled via Bluetooth, and that the connections are insecure. No details in the article, but it seems that its easy to take control of the pump and have it dispense gas without requiring payment. Its a complicated crime to monetize, though. You need to sell...

Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns

Threat actors are capitalizing on the growing popularity of proxyware platforms like Honeygain and Nanowire to monetize their own malware campaigns, once again illustrating how attackers are quick to repurpose and weaponize legitimate platforms to their advantage. "Malware is currently leveraging...

Proxyware Services Open Orgs to Abuse – Report

Services that allow consumers to resell their own internet bandwidth for profit to businesses that want to resell it are ripe for abuse, according to researchers. The burgeoning business model is growing in popularity with consumers who earn about $1 for every 10GB of their bandwidth shared with...

The Edge of a Storm?

The SolarWinds element of this breach is likely just the tip of the iceberg as many more businesses leveraging their management tools are exposed to this compromise. Not necessarily from the nation state actor believed to have triggered it, but from the potential sell off of those points of acces...

AZORult brings friends to the party

By Vanja Svajcer. NEWS SUMMARY We are used to ransomware attacks and big game hunting making the headlines, but there is an undercurrent of other attack types that allow attackers to monetize their efforts in a less intrusive way.Here, we discuss a multi-pronged cyber criminal attack using a numb...

WordPress monetize plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. monetize is an advertising plugin used in it. A cross-site request forgery vulnerability exists in WordPress monetize plugin version...

CVE-2015-9440

The monetize plugin through 1.03 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=monetize-zones-new...

Cross site request forgery (csrf)

The monetize plugin through 1.03 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=monetize-zones-new...

CVE-2015-9440

The monetize plugin through 1.03 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=monetize-zones-new...

WordPress Theme Directory 2.0.16 Shell Upload

Exploit Title : Wordpress Theme Directory Arbitrary Shell Upload Vulnerability Exploit Author : xBADGIRL21 Dork : inurl:/wp-content/themes/Directory/ Vendor Homepage : https://templatic.com/ version : 2.0.16 - 2.0.14 & maybe high or lower Tested on: BackBox skype:xbadgirl21 Date: 15/08/2016 video...

WordPress Monetize 1.03 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

WordPress Monetize plugin version 1.03 suffers from cross site request forgery and cross site scripting vulnerabilities. Exploit Title : Wordpress Monetize Plug-in XSS/CSRF Exploit Author : Ashiyane Digital Security Team Vendor Homepage : https://wordpress.org/plugins/monetize/ Date: 2015-08-07...

WordPress Monetize Plugin <= 1.03 - Multiple Vulnerabilities

This plugin is prone to cross site scripting and cross site request forgery vulnerabilities. Solution Update the plugin...

Monetize <= 1.03 - Cross-Site Scripting (XSS) & CSRF

The monetize WordPress plugin was affected by a Cross-Site Scripting XSS & CSRF security vulnerability...

WordPress Monetize 1.03 Cross Site Request Forgery / Cross Site Scripting

Exploit Title : Wordpress Monetize Plug-in XSS/CSRF Exploit Author : Ashiyane Digital Security Team Vendor Homepage : https://wordpress.org/plugins/monetize/ Date: 2015-08-07 Tested On : Kali Linux - FireFox Software Link : https://downloads.wordpress.org/plugin/monetize.zip Version : 1.03...